Introduction

This procedure describes how to enable federated login in OTRS using simpleSAMLphp as the authentication module. We used the following configuration:

  • Linux Debian OS 5.0.8
  • Apache 2.2.9
  • PHP 5.2.6
  • Perl 5.10.0
  • simpleSAMLphp 1.5.1
  • OTRS 3.0.6

With minor modifications, the described procedure should also work on other similar platforms.

Step 1: Installing OTRS and simpleSAMLphp

If you haven't done so already, install OTRS 3.x and simpleSAMLphp. The following instructions should work for all versions of simpleSAMLphp from 1.5.x onwards.

Step 2: Download required software

Download the configuration files archive into a temporary folder and unpack it:

Code Block
# cd /tmp
# wget http://developer.aaiedu.hr/download/otrs3_simplesamlphp16.tar.gz
# tar xvfz otrs3_simplesamlphp16.tar.gz

Step 3: PHP::Session

Install the PHP::Session Perl module:

Code Block
# apt-get install libuniversal-require-perl
# cd /tmp/otrs3_simplesamlphp16/dpkg
# dpkg -i libphp-session-perl_0.27-1_all.deb
# mkdir /var/run/samlsessions
# chown www-data:www-data /var/run/samlsessions
# chmod 775 /var/run/samlsessions

Step 4: Configuring OTRS

Make sure that the version of OTRS you installed works properly with the default configuration. We will assume that OTRS is installed in the folder /opt/otrs/

  1. Log in to OTRS as user root@localhost and create a new user account which will have admin privileges. The username must be identical to the value of the attribute eduPersonPrincipalName in your federation (in the Croatian federation this attribute is called hrEduPersonUniqueID). What you enter in the Password field is irrelevant because you'll be using your federated account to log in.
  2. Copy the folder Kernel to the appropriate place in the OTRS installation folder:
Code Block
# cd /tmp/otrs3_simplesaml16/otrs_home/Custom
# cp -R Kernel /opt/otrs/Custom
  3. Enter the hostname and the parameters for accessing the OTRS database using the following:
Code Block
# vi /opt/otrs/Custom/Kernel/Config.pm

$Self->{'DatabaseHost'} = 'localhost';
$Self->{'Database'} = 'otrs';
$Self->{'DatabaseUser'} = 'otrs';
$Self->{'DatabasePw'} = 'password';
$Self->{Home} = '/opt/otrs';
my $c_host = 'host.realm.hr';
$Self->{'Organization'} = 'Organization';
$Self->{'AdminEmail'} = 'root@realm.hr';

Step 5: Configuring simpleSAMLphp

Make sure you have a working installation of simpleSAMLphp configured as a service provider. We will assume that simpleSAMLphp is installed in the folder /var/simplesamlphp/

Copy the folder otrs to the appropriate place in the simpleSAMLphp installation folder:

Code Block
# cd /tmp/otrs3_simplesaml16/simplesamlphp_home/www
# cp -R otrs /var/simplesamlphp/www/

Copy the folder metadata to the appropriate place in the simpleSAMLphp installation folder:

Code Block
# cd /tmp/otrs3_simplesaml16/simplesamlphp_home
# cp -R metadata /var/simplesamlphp/

Enter the hostname and the parameters for accessing the OTRS database:

Code Block
# vi /var/simplesamlphp/www/otrs/lib/config.php

Find the following parameters and enter the appropriate values for your host name and database access parameters:

Code Block
define('DB_HOST', 'localhost');
define('DB_NAME', 'otrs');
define('DB_USER', 'otrs');
define('DB_PASSWORD', 'password');
define('ALLOWED_REALMS', 'realm.hr');
define('OTRS_BASE_URL', 'http://host.realm.hr/otrs');
define('SIMPLESAML_BASE_URL', 'http://host.realm.hr/simplesaml');

Restart Apache:

Code Block
# /etc/init.d/apache2 restart

Then try to authenticate using federated login.
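The procedure leaves a shared session directory (Step 3) and two configuration files holding the OTRS database password on disk. The script below is an added example, not part of the downloaded archive: it reports any given path that grants read, write or execute access to "other", so the session directory is reported with `rx` after the `chmod 775` in Step 3. It assumes that session files in /var/run/samlsessions are named after the session ID, as with PHP's default file session handler, so that a directory listing by another local user reveals session identifiers.

```shell
#!/bin/sh
# Added example (not from the archive): audit "other" permission bits on the
# paths this procedure creates. Usage, with the page's paths:
#   sh audit.sh /var/run/samlsessions /opt/otrs/Custom/Kernel/Config.pm \
#       /var/simplesamlphp/www/otrs/lib/config.php

# other_bits PATH: print which of r, w, x are granted to "other" (empty = none).
other_bits() {
    ob_out=""
    for ob_pair in r:-004 w:-002 x:-001; do
        # find prints the path only when that permission bit is set
        if [ -n "$(find -H "$1" -prune -perm "${ob_pair#*:}" 2>/dev/null)" ]; then
            ob_out="${ob_out}${ob_pair%%:*}"
        fi
    done
    printf '%s' "$ob_out"
}

# audit_no_other PATH: 0 = no access for other, 1 = some access, 2 = missing.
audit_no_other() {
    if [ ! -e "$1" ]; then
        echo "MISSING $1"
        return 2
    fi
    an_bits=$(other_bits "$1")
    if [ -n "$an_bits" ]; then
        echo "FAIL    $1 (other: $an_bits)"
        return 1
    fi
    echo "OK      $1"
}

# audit_all PATH...: check every path, return non-zero if any check failed.
audit_all() {
    aa_rc=0
    for aa_path in "$@"; do
        audit_no_other "$aa_path" || aa_rc=1
    done
    return "$aa_rc"
}

# Only audit when paths are passed on the command line.
if [ "$#" -gt 0 ]; then
    audit_all "$@"
fi
```

A path stops being reported once "other" has no access to it, for example mode 770 on the session directory, provided every process that needs the directory runs as user or group www-data as the `chown` in Step 3 suggests.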